Lucene search

6423 matches found

OSV
added 2023/05/16 12:0 a.m. | 26 views

ALSA-2023:2867 Moderate: postgresql-jdbc security update

PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Security Fixes: postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file...

CVSS 5.5 | AI score 5.7 | EPSS 0.0048 | Exploits 1 | References 4

OSV
added 2023/05/16 12:0 a.m. | 28 views

ALSA-2023:3018 Low: libarchive security update

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file...

CVSS 9.8 | AI score 7.9 | EPSS 0.01936 | Exploits 0 | References 4

OSV
added 2023/05/16 12:0 a.m. | 23 views

ALSA-2023:2883 Moderate: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fixes: libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c (CVE-2022-3627); libtiff: integer overflow in function TIFFReadRGBATileExt of the file (CVE-2022-3970). For more...

CVSS 8.8 | AI score 8.1 | EPSS 0.01237 | Exploits 2 | References 6

OSV
added 2023/05/16 12:0 a.m. | 27 views

ALSA-2023:3002 Moderate: bind security and bug fix update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fixes:...

CVSS 5.3 | AI score 6.9 | EPSS 0.01429 | Exploits 0 | References 4

OSV
added 2023/05/16 12:0 a.m. | 23 views

ALSA-2023:2810 Moderate: poppler security update

Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince. Security Fixes: poppler: integer overflow in JBIG2 decoder using malformed files (CVE-2022-38784). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

CVSS 7.8 | AI score 7.8 | EPSS 0.00574 | Exploits 1 | References 4

OSV
added 2023/05/16 12:0 a.m. | 41 views

ALSA-2023:2866 Moderate: git-lfs security and bug fix update

Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters...

CVSS 7.5 | AI score 7.1 | EPSS 0.05623 | Exploits 1 | References 8

OSV
added 2023/05/16 12:0 a.m. | 38 views

ALSA-2023:2764 Moderate: python39:3.9 and python39-devel:3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. The following...

CVSS 7.5 | AI score 7.8 | EPSS 0.03213 | Exploits 1 | References 8

OSV
added 2023/05/16 12:0 a.m. | 50 views

ALSA-2023:2780 Moderate: Image Builder security, bug fix, and enhancement update

Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fixes: golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879); golang: net/http/httputil: ReverseProxy should not forward...

CVSS 7.5 | AI score 7.1 | EPSS 0.05623 | Exploits 1 | References 12

AlmaLinux
added 2023/05/16 12:0 a.m. | 57 views

Moderate: Image Builder security, bug fix, and enhancement update

Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fixes: golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879); golang: net/http/httputil: ReverseProxy should not forward...

CVSS 7.5 | AI score 6.7 | EPSS 0.05623 | Exploits 1 | References 12

OSV
added 2023/05/16 12:0 a.m. | 33 views

ALSA-2023:2834 Important: webkit2gtk3 security and bug fix update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: use-after-free issue leading to arbitrary code execution (CVE-2022-42826); webkitgtk: memory corruption issue leading to arbitrary code execution (CVE-2023-23517); webkitgtk: memory...

CVSS 8.8 | AI score 9 | EPSS 0.34574 | Exploits 2 | References 46

AlmaLinux
added 2023/05/16 12:0 a.m. | 72 views

Important: webkit2gtk3 security and bug fix update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: use-after-free issue leading to arbitrary code execution (CVE-2022-42826); webkitgtk: memory corruption issue leading to arbitrary code execution (CVE-2023-23517); webkitgtk: memory...

CVSS 8.8 | AI score 8 | EPSS 0.34574 | Exploits 2 | References 46

AlmaLinux
added 2023/05/16 12:0 a.m. | 89 views

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel 4.18.0. BZ2122230, BZ2122267 Security Fixes: use-after-free caused by l2cap_reassemble_sdu in net/bluetooth/l2cap_core.c (CVE-2022-3564)...

CVSS 8.8 | AI score 8.1 | EPSS 0.03763 | Exploits 17 | References 80

Tenable Nessus
added 2023/05/15 12:0 a.m. | 50 views

AlmaLinux 9 : Image Builder (ALSA-2023:2204)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2204 advisory. - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing i...

CVSS 7.5 | AI score 7 | EPSS 0.05623 | Exploits 1 | References 6

Tenable Nessus
added 2023/05/14 12:0 a.m. | 23 views

AlmaLinux 9 : frr (ALSA-2023:2202)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:2202 advisory. - An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgp_capability_msg_parse ...

CVSS 9.1 | AI score 7.8 | EPSS 0.01578 | Exploits 1 | References 2

Tenable Nessus
added 2023/05/14 12:0 a.m. | 26 views

AlmaLinux 9 : device-mapper-multipath (ALSA-2023:2459)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:2459 advisory. - multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to...

CVSS 7.8 | AI score 7.5 | EPSS 0.00658 | Exploits 5 | References 2

Tenable Nessus
added 2023/05/14 12:0 a.m. | 24 views

AlmaLinux 9 : gdk-pixbuf2 (ALSA-2023:2216)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2216 advisory. - GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lz...

CVSS 8.8 | AI score 8.1 | EPSS 0.01891 | Exploits 2 | References 3

Tenable Nessus
added 2023/05/14 12:0 a.m. | 29 views

AlmaLinux 9 : butane (ALSA-2023:2193)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:2193 advisory. - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing i...

CVSS 7.5 | AI score 7 | EPSS 0.02513 | Exploits 1 | References 3

Tenable Nessus
added 2023/05/14 12:0 a.m. | 20 views

AlmaLinux 9 : emacs (ALSA-2023:2366)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:2366 advisory. - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C...

CVSS 7.8 | AI score 7.5 | EPSS 0.00635 | Exploits 0 | References 2

Tenable Nessus
added 2023/05/14 12:0 a.m. | 34 views

AlmaLinux 9 : libreswan (ALSA-2023:2633)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:2633 advisory. - Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length...

CVSS 6.5 | AI score 6.4 | EPSS 0.01606 | Exploits 1 | References 2

Tenable Nessus
added 2023/05/14 12:0 a.m. | 60 views

AlmaLinux 9 : samba (ALSA-2023:2519)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:2519 advisory. - In Samba, GnuTLS gnutls_rnd can fail and give predictable random values. (CVE-2022-1615) Note that Nessus has not tested for this issue but has instead relied only ...

CVSS 5.5 | AI score 6.4 | EPSS 0.00408 | Exploits 1 | References 2